
The ransomware guide: protection and eradication

It's nasty, but you don't have to be held to ransom by it.

The rise of ransomware

As reports surfaced of a 17-year-old whose suicide was reportedly the result of malicious code, particular scams caused by so-called "ransomware" hit the spotlight. In the case of the teenager, Joseph Edwards, a ransom demand appeared on his computer which claimed to come from law enforcement. The warning demanded $150 or legal action would be taken. As a result, Edwards took his own life. When a notice apparently from the FBI or intelligence agencies appears on someone's computer, fear can overtake reason and result in such sad cases. In a world where cyberthreats are rising, we should know exactly what we are dealing with -- and how to both avoid and combat it.


What is ransomware?

As explained by security firm Symantec, ransomware is a particular type of malware which locks PCs by encrypting user files. In order to access a system, victims are required to pay hackers -- who often masquerade as law enforcement -- a fee, which is often expected in Bitcoin. There is often a timer included which raises the "fee" if the victim does not immediately pay.

What makes ransomware worse is the fact that the malicious code can pull your PC's location and customize notes so that they appear to come from your local police force. Not only can this terrify an unwary user, but they may also be too embarrassed to ask for help as a notice may accuse them of viewing child pornography -- such as in the case of the well-known Cryptolocker strain.


Where does ransomware come from?

Ransomware can hit PCs and mobile devices such as smartphones or tablets -- although the latter options are currently quite rare.

Often, ransomware finds its way onto your system through malicious files hidden within seemingly innocent emails, or phishing campaigns which entice victims to click on links and visit either malicious or compromised websites. Ransomware may also be installed by clicking on malicious links on social media platforms. PDF files and Microsoft Office documents may be used to disguise the malware, and unpatched versions of software -- such as Adobe Flash, Java and browsers -- are often vulnerable.


How can you avoid ransomware?

Avoid clicking on links that look suspicious, and be careful about opening attachments in emails. If you don't trust it, don't open it. When it comes to phishing campaigns, cyberattackers often impersonate legitimate businesses -- such as banks and loan companies -- with a convincing email, and try to make the victim feel fear, for example by saying their account has been compromised -- or happiness, by declaring a tax rebate is ready and waiting for them. By tapping emotional responses, the hacker hopes a victim doesn't take a step back and think rationally; instead, they click on a link and the damage is done.

Making sure your PC's software and systems are up-to-date and fully patched will help prevent an infection, and installing security software can ensure the malware is detected before it is too late.

When it comes to mobile variants of malware, avoid downloading apps from sources you do not know or trust.

In addition, a regular backup of files means you can restore any damaged or locked files if you become infected.


How can you combat ransomware?

If you do become infected, do not pay the fee. By doing so, you are only funding criminal enterprises so they can continue striking more victims.

No law enforcement, police or intelligence agency in the world locks individual systems over what you view online. Yes, some law enforcement agencies do track Internet users in censorship-heavy countries, but no police force encrypts your files in order to force you to pay fees. You are not in any danger of arrest if you refuse to pay -- and there is no guarantee your PC will be unlocked even if you do.

Ransomware is a nasty piece of malicious code and there is no need to feel embarrassed if you must take your infected PC to a store -- they won't automatically assume you are viewing things you should not. In fact, it is the emotional response -- the embarrassment factor -- which ransomware deployers hope people feel, as they are more likely to pay up than speak up.

If you're confident enough to tackle it yourself, there are a number of free tools available to wipe your system after booting in Safe Mode with Networking (Windows), as listed below:

Windows:

DecryptCryptoLocker

Norton Power Eraser

Norton Bootable Recovery Tool

Windows Defender online

Trend Micro ransomware removal tool

If these fail, try System Restore, rolling your PC back to a point before the time of infection.
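
The Safe Mode and System Restore steps above can be driven from an elevated prompt. The script below is an added example, not part of the original article; it is written for Windows PowerShell 5.1, and the infection time and function names are assumptions chosen for illustration. It picks the newest restore point created before the infection and previews the rollback.

```powershell
# Added example, not from the original article.
# Run in Windows PowerShell 5.1 from an elevated (Administrator) prompt.

# Constructed sample value: set this to when the ransom note first appeared.
$InfectionTime = Get-Date '2015-02-09 20:45'

function Enable-SafeModeWithNetworking {
    # The next boot enters Safe Mode with Networking, so removal tools
    # can still download updates.
    bcdedit /set '{current}' safeboot network
}

function Disable-SafeMode {
    # Run this after cleanup, or every later boot stays in Safe Mode.
    bcdedit /deletevalue '{current}' safeboot
}

function Get-RestorePointBefore {
    param([Parameter(Mandatory)][datetime]$Cutoff)
    # CreationTime is a WMI timestamp string, so convert it before comparing.
    Get-ComputerRestorePoint |
        Select-Object SequenceNumber, Description,
            @{ Name = 'Created'; Expression = { $_.ConvertToDateTime($_.CreationTime) } } |
        Where-Object { $_.Created -lt $Cutoff } |
        Sort-Object Created -Descending |
        Select-Object -First 1
}

$point = Get-RestorePointBefore -Cutoff $InfectionTime
if ($null -eq $point) {
    Write-Warning "No restore point older than $InfectionTime; System Restore cannot roll back past the infection."
} else {
    "Newest restore point before infection: #{0} '{1}' created {2}" -f `
        $point.SequenceNumber, $point.Description, $point.Created
    # -WhatIf only reports what would happen; remove it to roll back and reboot.
    Restore-Computer -RestorePoint $point.SequenceNumber -WhatIf
}
```

System Restore reverts system files and registry settings, not personal documents, so files that were already encrypted still have to come from a backup.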

Help for Mac users and mobile.
